WASHINGTON/SAN FRANCISCO (US) – In what is seen as the government’s bid to recover from one of the biggest hacks of its agencies by alleged Russian spies, President Joe Biden is roping in a group of national security veterans with good experience in the cyber domain. This has earned him praise from former defense officials and investigators.
“It is great to see the priority that the new administration is giving to cyber,” said Suzanne Spaulding, director of the Defending Democratic Institutions project at the Center for Strategic and International Studies.
Under the previous administration, cybersecurity was demoted as a policy field. It discontinued the Cybersecurity Coordinator position at the White House, shrivelled the State Department’s cyber diplomacy wing and sacked federal cybersecurity leader Chris Krebs following the election defeat of Donald Trump.
The hack, which was revealed in December, targetted eight federal agencies and several companies, including software provider SolarWinds Corp. US intelligence agencies attributed the cyber attack to Russian state actors, a charge denied by Moscow.
According to a recent law, Biden must open a cyber office reporting directly to a new National Cyber Director, who will oversee the federal government’s vast cyber capabilities, said Mark Montgomery, a former staff of the US Congress who designed the role.
The most probable candidate for Cyber Director is Jen Easterly, who used to be a former high ranking National Security Agency official.
Easterly, who is now head of resilience at Morgan Stanley, used to handle several senior intelligence posts in the Barack Obama administration and helped create the US Cyber Command, the top cyber warfare unit in the United States.
The new administration has appointed “world-class cybersecurity experts to leadership positions,” said Microsoft corporate Vice President Tom Burt.
But some observers are concerned that the collective group’s experience is in the public sector, according to an official. It is significant to note that the vast majority of US internet infrastructure is operated by American corporations.
“Finding a good balance with both government and commercial experience will be critical to success,” said former DHS Cybersecurity director Amit Yoran, now chief executive of security company Tenable Inc.
In order to replace Krebs at the Homeland Security Department, the new president plans to appoint Rob Silvers as director of the Cybersecurity Infrastructure Security Agency. Silvers had earlier worked in the Obama administration.
The National Security Council, which is an arm of the White House that guides an administration’s security priorities, comprises five experienced cybersecurity officials.
One of them is National Security Agency senior official Anne Neuberger who will be Deputy National Security Adviser for cyber and emerging technology, which is a new post to elevate the subject internally.
“The United States remains woefully unprepared for 21st century security threats – the establishment and prioritisation of a DNSA for Cyber and Emerging Tech on the NSC indicates the seriousness the Biden Administration will afford to addressing these challenges,” said Phil Reiner, chief executive of the Institute for Security and Technology.
Neuberger became one of the most visible figures at NSA in recent years after leading the spy agency’s cyber defense wing, drawing praise for quickly alerting companies to hacking techniques in use by other countries.